Alert: “pupzz2000” phishing attack via Yahoo! Geocities

This URL is being sent around via IM. It’s a very convincing page that looks like a login for Yahoo! Photos, being circulated by what I suspect is a virus/trojan that uses AIM to propagate as I received this URL via an IM from someone I knew.

Looking at the page’s source (as I was skeptical about having to log into Yahoo! Photos at a geocities.com URL), I found:

This Geocities page needs to be shut down ASAP before too many people get their Yahoo! accounts compromised. I’ve already sent a message to Yahoo! via it’s abuse web contact form. But, keep on the lookout for this kind of thing.

Well .. sometimes yahoo photos needs you to sign up to view privately shared albums. It is foolish, but easy to confuse “hot pics” with that, and provide your login. The original mail appears “clean”, as it comes from a compromised account.

it’s back. just had a link – http://geocities.com/hot_new_one/ – from someone i know who isnt very tech savvy or paranoid about what she clicks on, as with the above i am suspicious of these things so i checked the source and its also fiberbit. a Google search led me to this page.